Infects even when run on a Live CD (e.g. Tails, Trinity) and operating just in RAM.

Persistence – even without a hard drive.

******

I know that cross-platform viruses are rare.

This is persistent… without any drives attached…

Guess my “Vote Snowden for President” motto may have done it.

Anyway, above are the contact details for new and interesting viruses, rootkits, bootkits and “Vote for Snowden” blogs.

*****

Update, Hiren’s – Trinity and Ultimate CD all failed. All versions of Linux were affected.

Solution was:

Remove battery

Remove power cord

Remove physical RAM Memory – leave it out for 10 minutes to lose all settings.

Replace with a new clean SSD.

Insert RAM.

Power on and Reinstall the Windows OS.

Suddenly she works again! Hiren’s and Trinity all work.

Memory persistence injected from the SSD. So even if you changed to a Live CD, the CMOS/RAM held the malware as persistent infection. The critical step here is to remove the RAM from the laptop for 10 minutes – that is the critical step.

WOW, nice piece of malware coding. However, all hardware needs electricity. So by removing the CMOS, power and RAM – it powered off and lost its coding. No AV out there could detect the malware on the SSD (and I’ve run them all over the last week).

So guess it’s use a new SSD for now, until AV catches up with the malware.